ggodw000 wrote:
dozniak wrote:
ggodw000 wrote:
I thought about certain media file protection,
WHY did you think about it?
business requirement.
Is this bespoke or salary work, or your own business plan? If the former, the you have my condolences, and I recommend dusting off your resume at the earliest convenience. If it is your own, I recommend changing it in to something actually viable in the current market - few consumers will work with a small business that uses DRM (and even larger businesses lose more money than they recoup from it, not just because it drives off customers, but because it almost invariably leads to increased support costs as due to flaws in the DRM system).
Regardless of whether it is right or wrong, as a practical matter copy protection is a white elephant - it costs the companies using it far more than it could possibly be worth. The development cost (or purchase cost) alone is likely to exceed anything saved by preventing casual users from copying the software, and in any case copying by casual users is not a significant monetary loss center - copying by professional pirates and torrent users can be, but DRM actually encourages those losses (by drawing attention to the program) rather than preventing them.
It makes no sense to worry about a businessman putting a program on a half dozen office computers, or some teen giving a copy of something to a friend, when at the same time you can't stop the guys who are cranking out DVDs of your program and putting their own company name on it for resale, or when some script kiddie can rip the program with a utility they got off of some website and post it to the latest incarnation of The Pirate Bay for anyone to torrent. The losses DRM can prevent aren't losses - at worst the potential customer would use something else if they couldn't do what they wanted with your software, at best casual copying would spread the use of the program and actually lead to an increase in sales - and the ones which are losses can't be prevented by any means other than not writing the program in the first place.
If you feel you must pursue this, either out of a misguided over-valuation of your own product or because someone else is paying you to do it out of a misguided etc., then I recommend focusing on two things: first, go with a SaaS model that uses micro-transactions - ones which are actually
micro, that is, ones which are measured in the thousandths of a US cent, and covered through a pre-paid escrow - and have the software only download the parts actually in use at a given time, keeping the code sections in a LRU cache and never providing the whole program at any given time; and second, encrypt the object files or bytecode when not in use. It will slow the software down (though not as much as you might think), but it will at least fulfill your brief.
(And yes, this is actually quite close to something I intend to build into the document system of Kether. However, the goal there is less about the property rights - that's more of a side benefit - than about having an audit trail for provenance, which could be a valuable research tool. The difference is that in Kether - which gets the idea from the Xanadu work going back to the late 1960s, which is where the idea of micro-transactions originated -
all documents and program code would be handled this way transparently. More significantly, I mean to use capabilities to control things such as link visibility, and provide very fine-grained distribution control, which would mean that, short of compromising the system itself - which can be expected to be done by some people if it were a commercial system, to be sure - a user without a capability for a given link would be unable to even learn of the link's existence from within the system. It would not alter whether a document fragment is copied or not - that is controlled entirely by the system anyway, the most a user can do is ask for it to place a cached duplicate on a given medium - and any transactions would themselves be recorded in an audit log.)